Topic: Understanding HD Wallets (Read 221 times)

You have done a good job. Thanks for the afford you put into this informative topic. I left +3 merit for you with the hope that this will inspire you to create more contents like this in the future.

See you around.

To my knowledge Ledger and Trezor have a choice only to use 24 words (+1 extra passphrase), and KeepKey is using 12 word seed. Other desktop / mobile wallets from OP are using 12 word seed, with the exception of Coinomi which is using 18, with option to use 24 in process of installing.

As for security (backup), HD wallets are in one way very easy / simple solution (no need to backup individual private keys), but on the other hand they represent a security risk for those who do not keep backup in the right way. If hacker gets into possession of user seed, loss of funds is inevitable.

Actually not all HD wallets use 12-phrase
You can choose between from 128-bit (12-phrase) and to 256-bit (24-phrase):
*Edited, sorry bout my English

Source: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki

If you confused about this theoretical explanation, you could google translate my local post https://bitcointalksearch.org/topic/m.41403564
There I explained how to get mnemonic phrases from 128-bit randomly generated entropy.

Mnemonic (BIP-39) (falsely referred to as seed or seed words) should not be confused with Hierarchical Deterministic Wallets (BIP-32) and seed (which is the random bytes used to derive all the keys from).
in short those words are your Mnemonic and when hashed using PBKDF2 key derivation function it gives you the seed used in BIP-32.


this is wrong.
SHA-256 is not used anywhere in BIP-32. you have your seed (the random bytes) and you perform an HMAC function on it with underlying SHA512 hash using the "Bitcoin seed" as its key to retrieve a 512 bit (64 byte) result and then split it to the key and chain code each 32 bytes.


this also lacks privacy because you are giving that website ALL your addresses that are currently in use or will ever be used in the future.

Maybe consider talking about the disadvantages of such wallets? For example, those with the Master Public Key + any one Child Private Key would be able to generate the Master Private Key. This would compromise all Child Private Keys. There already current solutions to this though such as using hardened keys.

Also, useful to talk about the commercial applications of HD wallets. Eg. handing out different child private keys to different departments to spend funds while allowing the auditors access to verify funds via the public key.

An HD Wallet, or Hierarchical Deterministic wallet, is a modern type of digital wallet that automatically generates a hierarchical or an ordered tree-like structure of private/public addresses (or keys) using a single master seed key based on BIP 32 (bitcoin Improvement Protocol 32)


Normally, in Bitcoin wallets a pair of private/public(or keys) is randomly generated and this requires one to take a backup each time one attempts to create a new wallet
This process was challenging back then before the advent of HD wallets because it would become more and more complicated and cumbersome to track and backup so many private keys as the number of one’s generated addresses and transactions increased.

However, when an HD wallet is created, a single random seed (also called the 'master private key') is generated. All the other private keys (and their corresponding public addresses) that will be part of the HD wallet are generated from that single base.
All HD wallets use a variant of the standard 12-word master seed key, and each time this seed can be extended at the end by a counter value which makes it possible to automatically derive an unlimited number of new addresses as illustrated in the picture below


Image courtesy; coinsutra.com

Taking a backup of this master seed key only once means that all subsequent addresses can easily be re-created mathematically from the algorithm during restoration. HD wallets use a one-way SHA-256 hash algorithm which produces this tree of keys without any error if the input (or seed key) is the same

• Effortless backup procedure: One needs to backup only one key (i.e. “seed key”) and it is the only backup one will ever need for all their addresses in the HD wallet
• Generating new Bitcoin addresses made easy: One can generate as many receiving addresses every time they need to receive bitcoins as they like without ever worrying to backup each time
• Improved security: An HD wallet also has the concept of a 'master public key'. This can be used on a website, for example, to generate all the public addresses, but cannot generate the private keys for those addresses. This makes the master public key very useful and very secure
• Improved financial privacy: HD wallets also help one protect their financial privacy without much effort as one is able to generate different addresses for each deposit making it hard for anybody with malicious intent to track down one’s transactions so long as the culprit does not have access to the master public key

1. Ledger Nano S (Hardware wallet)
2. Trezor (Hardware wallet)
3. KeepKey (Hardware wallet)
4. Electrum (Mobile/Desktop)
5. Jaxx (Mobile/Desktop)
6. Mycelium (mobile)
7. Atomic wallet (Mobile/Desktop)
8. Coinomi (Mobile/Desktop)

---

REFERENCES AND MORE INFORMATION
1. https://coinrivet.com/hd-wallets-explained/
2. https://coinsutra.com/hd-wallets-deterministic-wallet/
3. https://www.reddit.com/r/Bitcoin/comments/2zctw9/hd_wallets_vs_classic_wallets/
4. https://www.investopedia.com/terms/h/hd-wallet-hierarchical-deterministic-wallet.asp

NB: Members can suggest any additional information if it's lacking.